As More Employees Become Mobile, Global Research Reveals Valuable Knowledge to Prevent Threats With Proper Technology, Communication

SAN JOSE, CA--(Marketwire - August 21, 2007) - A global third-party study commissioned by
Cisco® (NASDAQ: CSCO) and the National Cyber Security Alliance reveals
behavioral findings among mobile wireless workers that spotlight the human
side of security as businesses and IT organizations empower more and more
employees to remain connected outside of their offices.

Conducted this spring by InsightExpress, an independent market research
firm, the study explores what's at stake for businesses striving to become
mobile, and therefore more agile and efficient. It reveals findings gleaned
from more than 700 mobile employees in seven countries that have adopted
wireless technologies widely: the United States, United Kingdom, Germany,
China, India, South Korea, and Singapore. Although the study uncovers risky
behavioral trends, the results represent a major opportunity for IT to play
a more proactive and strategic role in protecting their employees and
businesses overall, both through education and solutions.

This is especially relevant as adoption of wireless and mobility
technologies increases. For example, IDC reports that by 2009 the number of
mobile workers in the United States is expected to reach more than 70
percent of the country's total workforce. Korn/Ferry International reports
that 81 percent of executives globally are constantly connected via mobile
devices.

"Wireless and mobility technologies are here to stay. They're a fact of
life," said Ron Teixeira, executive director of NCSA, an organization
chartered to educate the public on online security and safety. "While this
study shows mobility provides businesses with new risks, so do other
Internet services and new technologies. Mobility and the Internet can be
used securely and safely if businesses institute a culture of security
within their workforce by providing their employees with continuous cyber
security awareness and education programs."

Almost three of every four (73 percent) mobile users claimed that they are
not always cognizant of security threats and best practices when working on
the go. Although many said they are aware "sometimes," 28 percent of them
admitted that they "hardly ever" consider security risks and proper
behavior. Some of these mobile users even admitted that they "never"
consider safe best practices and didn't know they needed to be aware of
security risks. When asked why they were lax in their security behavior,
many mobile users offered reasons like, "I'm in a hurry," "I'm busy and
need to get work done," "Security just is not top-of-mind for me," and
"It's IT's job, not mine."

According to Ben Gibson, director of Cisco's wireless and mobility
solutions, this reasoning highlights the importance for IT to engage users
and educate them on good security behavior. A good security culture drives
good security behavior, he says.

"Businesses are increasingly entrusting more and more employees with access
to corporate information anywhere outside of the office, and this doesn't
need to be a growing concern -- not if the proper security technology and
IT-user engagement model is in place," Gibson said. "After all, embracing
mobility and truly leveraging the power it gives businesses -- agility,
access, responsiveness, efficiency -- requires protecting and educating
employees to prevent them from undermining this value. This is a role IT
can and should play more proactively than they traditionally have in the
past."

Mobile employees admitted to engaging in a variety of risky behavior. A
couple examples include:

-- Almost half (44 percent) of all mobile users surveyed said they open
emails and/or attachments from unknown or suspicious sources. In China,
India, and the United Kingdom, more than half of mobile end users admitted
to this behavior. A significant number (76 percent) said it is more
difficult to identify suspicious emails and files on PDAs and smartphones
than on laptops because the screens are much smaller.

"What's key is knowing that the issues outlined in this study can be
addressed," said Jeff Platon, Cisco's vice president of security solutions.
"Technology is important in helping to resolve security issues for wireless
mobile users, but education and communication are proactive measures IT can
take to help address corporate security and generate greater ROI on their
investments. IT should be a strategic asset to the business -- enabling
business process transformation and unlocking the power of collaboration.
As more workers become mobile, proactively educating them to practice good
security behavior should be a key tenet of any business' approach to IT
security and risk management."

According to Teixeira, best practices that IT can work with mobile
employees on include:

-- Use effective passwords that are changed every 90 days
-- Update antivirus and anti-spyware programs
-- Download necessary patches to operating systems regularly
-- Create backups of all important data and files
-- Encrypt sensitive data
-- Have an emergency response plan for wireless security breaches
-- Marry proactive education with proper technology that protects
connections to networks, mobile and wireless devices as they leave
corporate environments, and re-entry of those devices into the same
corporate environments as they reconnect to their networks. This includes a
defense-in-depth wireless (and wired) security infrastructure that
incorporates virtual private networking, device and endpoint protection,
intrusion detection, admission control, effective management, etc.

A not-for-profit 501(c)(3) organization, the National Cyber Security
Alliance (NCSA) is a central clearinghouse for cyber security awareness and
education for home users, small businesses, and the education community. A
public-private partnership, NCSA sponsors include the Department of
Homeland Security, Federal Trade Commission, and many private-sector
corporations and organizations. For more information, and to review the top
eight cyber security practices, visit www.staysafeonline.org.

Cisco, Cisco Systems, and the Cisco Systems logo are registered trademarks
or trademarks of Cisco Systems, Inc. and/or its affiliates in the United
States and certain other countries. All other trademarks mentioned in this
document are the property of their respective owners. The use of the word
partner does not imply a partnership relationship between Cisco and any
other company. This document is Cisco Public
Information.